From owner-freebsd-questions Thu Dec 14 6:12:22 2000
From owner-freebsd-questions@FreeBSD.ORG Thu Dec 14 06:12:14 2000
Return-Path:
Delivered-To: freebsd-questions@freebsd.org
Received: from oggi.spb.ru (unknown [213.221.62.89]) by hub.freebsd.org (Postfix) with ESMTP id 9114C37B400 for ; Thu, 14 Dec 2000 06:12:11 -0800 (PST)
Received: from server (server [10.4.1.2]) by oggi.spb.ru (8.9.3/8.9.2) with SMTP id RAA00976 for ; Thu, 14 Dec 2000 17:05:41 +0300 (MSK) (envelope-from Alexey.Dementsov@oggi.spb.ru)
Message-ID: <001601c065d8$8949cb70$0201040a@oggi.spb.ru>
From: "Alexey"
To:
Subject:
Date: Thu, 14 Dec 2000 17:17:04 +0300
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0013_01C065F1.ADE67820"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2417.2000
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Good day.

I have the same difficult problem with setting up a VPN based on the poptop package. I use the FreeBSD 3.1 operating system. The client is Microsoft VPN. The connection in the Local Area Network was successful on IP 10.4.1.1.

FreeBSD is connected to the Internet by PPP with the fixed IP address x.x.x.x.

The client computer is connected to the Internet by dial-up with the fixed IP address y.y.y.y.

Then I tried to connect through the Internet on IP x.x.x.x. The message "650 The Remote Access server is not responding" appeared after the username and password check.

The configuration files are written below:

/etc/rc.conf

ifconfig_ed1="inet 10.4.1.1 netmask 255.255.255.0"
defaultrouter="NO"
network_interfaces="ed1 lo0"
hostname="mail.oggi.spb.ru"
keymap=ru.koi8-r
keychange="61 ^[[K"
scrnmap=koi8-r2cp866
font8x16=cpp866b-8x16
font8x14=cpp866-8x14
font8x8=cp866-8x8
firewall_enable = "YES"
natd_enable="YES"
natd_interface="tun0"
natd_flags="-dynamic"
ppp_enable="YES"
ppp_mode="auto"
ppp_nat="YES"

/etc/rc.firewall

fwcmd="/sbin/ipfw"

$fwcmd -f flush

# Divert all packets through the tunnel interface.
$fwcmd add divert natd all from any to any via tun0

# Allow all data from my network card and localhost.  Make sure you
# change your network card (mine was fxp0) before you reboot.  :)
$fwcmd add allow ip from any to any via lo0
$fwcmd add allow ip from any to any via ed1

#Allow all data from warehouse
$fwcmd add allow all from y.y.y.y to any

# Allow all connections that I initiate.
$fwcmd add allow tcp from any to any out xmit tun0 setup

# Once connections are made, allow them to stay open.
$fwcmd add allow tcp from any to any via tun0 established

# Everyone on the internet is allowed to connect to the following
# services on the machine.  This example shows that people may connect
# to ssh and apache
$fwcmd add allow tcp from any to any 25 setup

$fwcmd add reset log tcp from any to any 113 in recv tun0
.
$fwcmd add allow udp from any to 212.44.130.6 53 out xmit tun0
$fwcmd add allow udp from 212.44.130.6 53 to any in recv tun0

$fwcmd add 65435 allow icmp from any to any

$fwcmd add 65435 deny log ip from any to any

/etc/ppp/ppp.conf

default:
    set redial 1 0
    set filter dial 0 deny udp src eq 53
    set filter dial 1 deny udp dst eq 53
    set filter dial 2 permit 0/0 0/0
internet:
    set device /dev/cuaa0
    set speed 115200
    disable pred1
    deny pred1
    disable lqr
    deny lqr
    set dial "ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \"\" AT OK-AT-OK ATE1Q0 OK
    set authname name
    set authkey password
    set phone 123456
    set timeout 600
    set openmode active
    accept chap
    set ifaddr x.x.x.x 127.2.2.2/0 255.255.255.0
    add 0 0 127.2.2.2

/etc/ppp/options

debug
name x.x.x.x
lock
require-chap
auth
proxyarp

/etc/ppp/chap-secrets

billy x.x.x.x bob *

/etc/pptpd.conf

speed 115200
options /etc/ppp/options
debug